ExamGecko
Question list
Search
Search

Question 31 - SPLK-1004 discussion

Report
Export

Which field Is requited for an event annotation?

A.
annotation_category
Answers
A.
annotation_category
B.
_time
Answers
B.
_time
C.
eventype
Answers
C.
eventype
D.
annotation_label
Answers
D.
annotation_label
Suggested answer: B

Explanation:

For an event annotation in Splunk, the required field is time (Option B). The time field specifies the point or range in time that the annotation should be applied to in timeline visualizations, making it essential for correlating the annotation with the correct temporal context within the data.

asked 23/09/2024
Steven Owens
36 questions
User
Your answer:
0 comments
Sorted by

Leave a comment first